Video service providers contend with ongoing challenges posed by streaming piracy over the Internet. Streaming piracy has become one of the greatest threats to conditional access (CA) and digital rights management (DRM) systems at the present time. Pirates can use a simple frame grabber device in order to grab the video from a media rendering device, such as a set top box (STB), a tablet or hand-held device, or other appropriate media device, output (analog or HDMI), and then stream the output to their web site. Video service providers use human based-detection in order to detect pirated copies of the pirated video. The video service providers may send commands which cause fingerprints, comprising subscriber card IDs to be displayed on a viewing screen. The video service providers then manually search for such IDs in pirated copies of the content. Alternatives to this manual method include using optical character recognition (OCR) systems which parse on-screen IDs. However, OCR systems typically have about a 95% success rate, due to known OCR issues, such as “B-8” confusion etc.
Persons who attempt to gain unauthorized access to video, sometimes referred to as “Hackers” or “Pirates” may attempt to circumvent detection of such fingerprinted content by any of the following techniques:                Blocking of middleware or electronic program guide (EPG) processes by hardware modifications which cause IRQs (interrupt request lines) to overflow, thereby preventing proper communication between a set top box module which communicates with a security token, such as a smart card, and the EPG or middleware, thereby disabling fingerprinting;        Blocking of conditional access entitlement management messages (EMMs) which trigger fingerprinting;        Modification of the sections of EMMs and entitlement content messages (ECMs) directed to the media device module which communicates with the security token in order to remove fingerprint triggering;        Collaborative attacks, which use output of several media devices, where different areas between the output streams are blacked out; and        Interlace attacks, which use outputs from several media devices, and interlacing one stream upon another one in order to blur the fingerprinted ID.        
Such video, to which a hacker or pirate has gained unauthorized or illegal access may be referred to as hacked video, hacked content, rogue content, or other similar terms.
The present invention will be understood and appreciated more fully from the following detailed description, taken in conjunction with the appendix in which:
Appendix A is a discussion of the computational difficulty of finding randomly positioned overlays by temporal analysis of video, especially if the hacker has access to both the encoded video (possibly content encrypted) and the rendered video frames.